The presence of microphones in computerized products such as desktop computers, laptop computers, PDAs, tablets and mobile phones creates an information security and privacy protection challenge today. As computers connected to public networks and to the internet can be easily hacked and controlled remotely, these products having internal or external microphones are at risk of becoming an eavesdropping bug. Attacker can install a malicious code on the product that will activate the microphone in such way that it will pick up surrounding conversation, compress the audio data and stream it over the internet to the interested attacker. Then the attacker reconstructs the audio signal, enhance it if needed and analyze it to recover valuable information. Such method can operate while the user is completely unaware and it can even run undetectable by anti-virus and intrusion detection programs through the use of Zero Day Vulnerabilities. Zero Day Vulnerabilities are non-publicized new security vulnerabilities that can be used by attackers to modify or control product functionality.
One of the most common methods used to hack computer microphone remotely is through the use of RAT. RAT is an acronym for Remote Access Trojan. A RAT might have a functional use, but it is typically used to describe malicious code that is installed without the user's knowledge with the intent of monitoring the computer, logging keystrokes, capturing passwords and otherwise assuming control of the computer from a remote location. Common RATs such as Sub7 have the functionality of enabling computer microphone or video camera remotely and streaming the data back to the attacker.
Prior-art computer microphones and headsets are prone to covert eavesdropping as they are typically not equipped with efficient means of disabling microphone activity when not used by the user. Even when On-Off switch is installed between the microphone and the audio CODEC circuitry, such switch is not efficient as users tend to leave it on continuously.
Computer microphones and headset devices are also lacking the clear user indications when microphone is active and therefore users are unaware when microphone is activated by software means.
Another disadvantage of prior-art computer microphones and headsets is the lack of anti-tampering means that will prevent physical attack on the device in attempt to bypass switches or other internal security means.
To overcome these disadvantages, many high-security organizations are instructing their workforce to remove all microphones and headsets from their desktop computers. In addition to that, many organizations are physically removing microphones from the laptop computers that they are purchasing and using.
U.S. Pat. No. 4,942,605 titled “Security Handset”; discloses a security handset. This handset is designed to prevent eavesdropping of telephone handsets while handset is on-hook. This prior-art device is not suitable for use in today's environment as computer headsets do not have on-hook/off-hook states. Headsets and microphones are not stored or hanged while not in active use.